It sounds like you are coming from Winblows, where "it is designed for spying". Nothing is "undetectable in Linux", you would have to change the kernel, even to try to hide something. So you would have to be root, and it would be your system. If you setup a system, and fool users into believing they are "safe", but are "keystroke recording them", you are probably breaking the law.

Be like the "big-time-spy-guys", and attack the problem at it's weakest point. That means use bugs, cameras, and electromagntic pulse recording.

By the way, did you know there is a camera out, which is the size of a postage stamp, and is crytal clear? Have you looked closely at the walls and ceiling around your computer? They can also bounce a laser off of your monitor, and get an image of what keys you are typing, and what you are looking at? Even if you have "privavcy glass" in all your windows, there are ways to "see thru it". For keystroke recording, all they need is an audio bug..why?...each key on your keyboard makes a "distinctive click" when it is pressed. All they need to do, is bounce a laser off of your window, and they can hear every keyclick you make.

So forget about trying to put trojans, into linux machines, you are wasting your time.